Lucene search
+L

70 matches found

osv
osv
added 2026/06/26 8:52 a.m.4 views

SUSE-SU-2026:2644-1 Security update for frr

This update for frr fixes the following issues - CVE-2026-28532: Denial of Service due to integer overflow in OSPF TLV parser functions bsc1263859. - CVE-2026-37457: An off-by-one out-of-bounds write vulnerability in the bgpflowspecopdecode function bgpd/bgpflowspecutil.c of FRRouting FRR...

7.5CVSS5.8AI score0.00389EPSS
Exploits0References7
osv
osv
added 2026/06/18 2:2 p.m.3 views

SUSE-SU-2026:2455-1 Security update for frr

This update for frr fixes the following issues - CVE-2026-5107: Fixed an improper access controls in EVPN Type-2 Route Handler bsc1261013. - CVE-2026-28532: Harden TE/SR TLV iteration against malformed lengths bsc1263859. - CVE-2026-37457: Fix off-by-one error in FlowSpec operator array bounds...

7.5CVSS5.8AI score0.00389EPSS
Exploits0References9
osv
osv
added 2026/06/18 2:2 p.m.3 views

SUSE-SU-2026:2454-1 Security update for frr

This update for frr fixes the following issues Update to frr 8.5.7: - CVE-2026-5107: Fixed an improper access controls in EVPN Type-2 Route Handler bsc1261013. - CVE-2026-28532: Harden TE/SR TLV iteration against malformed lengths bsc1263859. - CVE-2026-37457: Fix off-by-one error in FlowSpec...

7.5CVSS5.9AI score0.00389EPSS
Exploits0References9
osv
osv
added 2026/06/03 9:46 a.m.7 views

OPENSUSE-SU-2026:20898-1 Security update for frr

This update for frr fixes the following issues: - CVE-2026-5107: Fixed an improper access controls in EVPN Type-2 Route Handler bsc1261013. - CVE-2026-28532: Harden TE/SR TLV iteration against malformed lengths bsc1263859. - CVE-2026-37457: Fix off-by-one error in FlowSpec operator array bounds...

7.5CVSS5.4AI score0.00389EPSS
Exploits0References8
redhatcve
redhatcve
added 2026/05/28 1:2 p.m.14 views

CVE-2026-48688

A flaw was found in FastNetMon Community Edition. Multiple out-of-bounds read vulnerabilities exist within the BGP MPREACHNLRI IPv6 attribute decoder. A remote attacker could exploit these flaws by sending specially crafted BGP messages, which could lead to information disclosure or a denial of...

7.5CVSS5.7AI score0.00283EPSS
Exploits0References2
nessus
nessus
added 2026/05/27 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-48688

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FastNetMon Community Edition through 1.2.9 contains multiple out-of-bounds reads in the BGP MPREACHNLRI IPv6 attribute decoder. The function decodempreachipv6 i...

7.5CVSS6.2AI score0.00283EPSS
Exploits0References3
nvd
nvd
added 2026/05/26 7:16 p.m.18 views

CVE-2026-48689

FastNetMon Community Edition through 1.2.9 contains an off-by-one heap-based buffer overflow in the dynamicbinarybuffert class src/dynamicbinarybuffer.hpp. Five methods appenddynamicbuffer, appenddataaspointer, appenddataasobjectptr, memcpyfromptr, memcpyfromobjectptr use an incorrect bounds chec...

9.8CVSS0.00677EPSS
Exploits1References3
nvd
nvd
added 2026/05/26 4:16 p.m.59 views

CVE-2026-48688

FastNetMon Community Edition through 1.2.9 contains multiple out-of-bounds reads in the BGP MPREACHNLRI IPv6 attribute decoder. The function decodempreachipv6 in src/bgpprotocol.cpp contains a TODO comment at line 156 explicitly acknowledging 'we should add sanity checks to avoid reads after...

7.5CVSS0.00283EPSS
Exploits0References3
osv
osv
added 2026/05/26 4:16 p.m.8 views

DEBIAN-CVE-2026-48686

FastNetMon Community Edition through 1.2.9 contains a stack-based buffer overflow in the BGP NLRI Network Layer Reachability Information decoder. The function decodebgpsubnetencodingipv4raw in src/bgpprotocol.cpp reads prefixbitlength directly from the BGP packet line 99 without validating it is ...

9.8CVSS6.4AI score0.00565EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2026/05/26 4:16 p.m.15 views

CVE-2026-48688

FastNetMon Community Edition through 1.2.9 contains multiple out-of-bounds reads in the BGP MPREACHNLRI IPv6 attribute decoder. The function decodempreachipv6 in src/bgpprotocol.cpp contains a TODO comment at line 156 explicitly acknowledging 'we should add sanity checks to avoid reads after...

7.5CVSS5.9AI score0.00283EPSS
Exploits0References6
debiancve
debiancve
added 2026/05/26 12:0 a.m.12 views

CVE-2026-48686

FastNetMon Community Edition through 1.2.9 contains a stack-based buffer overflow in the BGP NLRI Network Layer Reachability Information decoder. The function decodebgpsubnetencodingipv4raw in src/bgpprotocol.cpp reads prefixbitlength directly from the BGP packet line 99 without validating it is ...

9.8CVSS6.4AI score0.00565EPSS
Exploits0
vulnrichment
vulnrichment
added 2026/05/26 12:0 a.m.13 views

CVE-2026-48689

FastNetMon Community Edition through 1.2.9 contains an off-by-one heap-based buffer overflow in the dynamicbinarybuffert class src/dynamicbinarybuffer.hpp. Five methods appenddynamicbuffer, appenddataaspointer, appenddataasobjectptr, memcpyfromptr, memcpyfromobjectptr use an incorrect bounds chec...

6.5AI score0.00677EPSS
Exploits1References3
cve
cve
added 2026/05/26 12:0 a.m.23 views

CVE-2026-48686

CVE-2026-48686 affects FastNetMon Community Edition up to version 1.2.9. The vulnerability is a stack-based buffer overflow in the BGP NLRI decoder: decode_bgp_subnet_encoding_ipv4_raw() reads prefix_bit_length from the BGP packet without enforcing an upper bound (

9.8CVSS6.4AI score0.00565EPSS
Exploits0References3Affected Software1
euvd
euvd
added 2026/05/26 12:0 a.m.12 views

EUVD-2026-31844

FastNetMon Community Edition through 1.2.9 contains multiple out-of-bounds reads in the BGP MPREACHNLRI IPv6 attribute decoder. The function decodempreachipv6 in src/bgpprotocol.cpp contains a TODO comment at line 156 explicitly acknowledging 'we should add sanity checks to avoid reads after...

7.5CVSS5.9AI score0.00283EPSS
Exploits0References3
osv
osv
added 2026/05/08 11:17 a.m.12 views

CLSA-2026-1778238289 frr: Fix of 4 CVEs

CVE-2022-43681: fix bgpd crash on malformed BGP OPEN messages with insufficient data - CVE-2022-40318: fix out-of-bounds read in bgpopenoptionparse with extended option params - CVE-2023-31489: fix out-of-bounds read in BGP Long-lived Graceful-Restart capability parsing - CVE-2023-46752: fix bgpd...

6.5CVSS5.8AI score0.02107EPSS
Exploits1References1
nvd
nvd
added 2026/05/04 4:16 p.m.15 views

CVE-2026-37458

Missing input validation in the MPREACHNLRI component of FRRouting FRR stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service DoS via supplying a crafted UPDATE message...

6.5CVSS0.00249EPSS
Exploits0References2
osv
osv
added 2026/05/04 4:16 p.m.6 views

DEBIAN-CVE-2026-37458

Missing input validation in the MPREACHNLRI component of FRRouting FRR stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service DoS via supplying a crafted UPDATE message...

6.5CVSS5.8AI score0.00249EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2026/05/04 4:16 p.m.12 views

CVE-2026-37458

Missing input validation in the MPREACHNLRI component of FRRouting FRR stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service DoS via supplying a crafted UPDATE message...

6.5CVSS5.8AI score0.00249EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/05/04 12:0 a.m.9 views

PT-2026-36829

Name of the Vulnerable Software and Affected Versions FRRouting FRR versions stable/10.0 through stable/10.6 Description Missing input validation in the MP REACH NLRI component allows authenticated attackers to cause a Denial of Service DoS by supplying a crafted UPDATE message. Recommendations...

7.5CVSS5.8AI score0.00389EPSS
Exploits0References34
vulnrichment
vulnrichment
added 2026/05/04 12:0 a.m.12 views

CVE-2026-37458

Missing input validation in the MPREACHNLRI component of FRRouting FRR stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service DoS via supplying a crafted UPDATE message...

5.8AI score0.00249EPSS
Exploits0References2
Rows per page
Query Builder